Get the latest from TODAY

When you check into your hotel on spring break vacation, one of the first things you may do is connect to the Wi-Fi that most resembles the hotel's name. You assume your data is safe — but now hackers are imitating the Wi-Fi at your hotel to steal your personal data. And they have new tricks to make it even tougher to spot.

Poolside at the Grand Fiesta Americana in Cancun, Mexico, cybersecurity expert Jim Stickley helped TODAY national investigative correspondent Jeff Rossen reveal the dangers. The hotel's Wi-Fi access point was named FiestaRewards, so with permission from the hotel, Stickley set up a network called FiestaRewards Pool, "which basically makes people think 'Hey, we're at the pool, that must be the stronger signal down here, I'll use that one,'" he explained.

Rossen signed on to the fake network. As he made an online purchase, checked his flight and logged into his email, Stickley monitored his every move, gaining access to Rossen's credit card information as well as his email address and password.

Then something even more unsettling happened: Hotel guests around the pool and even down on the beach started joining the fake network, thinking it was real. And when Stickley created another fake network — this one with the same exact name as the real hotel network — guests' phones starting auto-joining it without their owners even touching their phones.

So what can you do to protect yourself while on vacation?

Cybersecurity expert Jim Stickley set up a fake Wi-Fi network to dramatize the dangers of being hacked on vacation.TODAY

When you want to go to your bank site or purchase something online with your credit card, hop OFF the public Wi-Fi and go onto a 3G or 4G cell carrier — it's much more secure. After you're done, you can go back to the public Wi-Fi.

Every hour or two on a public Wi-Fi network, adjust your phone settings to forget the network, then log back in again. Better yet, when you first log onto any public network, shut off your phone's auto-join function.

Try purposely logging onto the public Wi-Fi with the wrong password. If you can get on anyway, that's a sign that someone is monitoring you and you're not secure.